MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 dc254812f69ca29b2cc81d0513d3bbabbbd880801dc50202cef4721deab0bb21. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Threat unknown

Vendor detections: 5

Intelligence 5 IOCs YARA File information Comments

SHA256 hash:	dc254812f69ca29b2cc81d0513d3bbabbbd880801dc50202cef4721deab0bb21
SHA3-384 hash:	de3042bbbee6d232a61dc7c90e346f3ef2cf644e8ed632c1d55535b6619852cc813fc167f84f5432406097b37b4734a4
SHA1 hash:	28087b94610f925078b3ebfd641a8ab104e4aa19
MD5 hash:	acaf2b9831de5a4f96aba116ebe2fe4c
humanhash:	virginia-connecticut-robin-muppet
File name:	eu.txt
Download:	download sample
File size:	297'644 bytes
First seen:	2022-11-10 07:44:45 UTC
Last seen:	Never
File type:	unknown
MIME type:	text/plain
ssdeep	6144:bDY/hf67L0QBBWg7WLv12smXLHcw5RzzydLy+LccQ:w/C0QBB1WMsKLbvydu+1Q
TLSH	T1E5543B3657037C8A77B70F88FA052A620CE9B8D3A3D3D42DFEC08A9654AB455DC09DB5
Reporter	JAMESWT_WT
Tags:	scarenx-gq

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Generic-EXE.UNOFFICIAL

SecuriteInfo.com.PUA.Base64EXE-2.UNOFFICIAL

Verdict:

No Threat

Threat level:

2/10

Confidence:

100%

Tags:

hacktool obfuscated

Link:

https://www.filescan.io/uploads/636cac03a8a86b129ea06156/reports/04d3b938-e50c-4800-a369-a2c8936e9e0a/overview

Result

Verdict:

MALICIOUS

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/dc254812f69ca29b2cc81d0513d3bbabbbd880801dc50202cef4721deab0bb21/

Threat name:

ByteCode-MSIL.Infostealer.DarkStealer

Status:

Malicious

First seen:

2022-11-10 07:45:09 UTC

File Type:

Text

AV detection:

14 of 40 (35.00%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=3qsuqexwtsrjwlgiducrhu53vo55raeadxcqeawo6rzb32vqxmqq._file

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/dc254812f69ca29b2cc81d0513d3bbabbbd880801dc50202cef4721deab0bb21

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

unknown dc254812f69ca29b2cc81d0513d3bbabbbd880801dc50202cef4721deab0bb21

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/2406577/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample